Uwe Hermann - testhttp://www.hermann-uwe.de/taxonomy/term/162/0
enTesting stuff with QEMU - Part 3: Debian GNU/kFreeBSDhttp://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-3-debian-gnu-kfreebsd
<p><a href="http://www.hermann-uwe.de/node/1277"><img src="http://www.hermann-uwe.de/files/images/debian_gnu_kfreebsd1.preview.jpg" width="320" height="186" align="right" hspace="5" alt="Debian GNU/kFreeBSD screenshot 1" /></a></p>
<pre>
<strong>Note:</strong> This article is part of my <a href="http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-1-selinux-support-in-debian-unstable">Testing stuff with QEMU</a> series.
</pre><p>
From the <a href="http://www.debian.org/ports/kfreebsd-gnu/">Debian GNU/kFreeBSD port page</a>:</p>
<blockquote><p>
Debian GNU/kFreeBSD is a port that consists of GNU userland using the GNU C library on top of <a href="http://www.freebsd.org/">FreeBSD</a>'s kernel, coupled with the regular Debian package set.
</p></blockquote>
<p>Q: Why would anybody want to do that?<br />
A: Why not? [1]</p>
<p>So, after we have talked about that, let's start:</p>
<ol>
<li>
Install QEMU:<br />
<code>apt-get install qemu</code>
</li>
<li>
Download the latest <a href="http://glibc-bsd.alioth.debian.org/install-cd/">Debian GNU/kFreeBSD installer ISO image</a> (either for i386 or amd64):<br />
<code>wget http://glibc-bsd.alioth.debian.org/install-cd/kfreebsd-i386/20070313/debian-20070313-kfreebsd-i386-install.iso</code>
</li>
<li>
Create a QEMU image which will hold the Debian GNU/kFreeBSD (i386) installation:<br />
<code>qemu-img create -f qcow2 qemu_kfreebsd_i386.img 5G</code>
</li>
<li>
Boot directly from the ISO image and install Debian into the QEMU image:<br />
<code>qemu -boot d -cdrom debian-20070313-kfreebsd-i386-install.iso -hda qemu_kfreebsd_i386.img</code>
</li>
<li>
The FreeBSD installer will now start. For more detailed instructions see the <a href="http://glibc-bsd.alioth.debian.org/doc/">Installing Debian GNU/kFreeBSD</a> manual.<br />
First you can choose between an "Express" or "Custom" install (I used "Express").
</li>
<li>
Next you end up in the partitioning tool. Type "a" to use the entire (QEMU) disk for the installation (the disk is called "ad0", not "hda" as on Linux). Type "q" to quit the partitioning tool.
</li>
<li>
You are now asked which boot manager to use. For QEMU you should use "BootMgr", the default FreeBSD boot manager. If you install on real hardware you can also use GRUB; in that case choose "None" here (see the <a href="http://glibc-bsd.alioth.debian.org/doc/installing.html#grub">manual</a> for more information), but note that the installer does <strong>not</strong> install or configure GRUB for you! You should do that beforehand!
</li>
<li>
Next up: The disklabel editor. Here you'll create a partition ("slice" in FreeBSD-speak) for the root filesystem and a swap partition.<br />
Press "c" to create a new slice (will be called "ad0s1"), enter "4GB", choose "FS" (filesystem), and enter "/" for the root filesystem. Per default the UFS2 file system will be used. To create the swap partition, press "c" again, enter "1023MB", and select "swap". The new slice is called "ad0s1b". Press "q" to quit.
</li>
<li>
Choose "minimal" when asked which distribution to install.
</li>
<li>
Installation media dialog: select "CD/DVD" and "acd0" (for QEMU's ATAPI/IDE CD-ROM drive).
</li>
<li>
The installation will now begin, and after a while you're asked to switch to console 3 using <code>ALT-F3</code>. Do it.
</li>
<li>
You'll have to answer a bunch of questions: geographic area + city you're in (for timezone), whether you want to participate in the Debian popularity contest, whether module-init-tools should load additional drivers (no, so press ENTER three times). The installation will soon be finished.
</li>
</ol>
<p>At the end you must select "No" as you're told to do, then reboot via "Exit Install". You can then shutdown QEMU.</p>
<ol>
<li>
Restart QEMU with the newly installed Debian GNU/kFreeBSD:<br />
<code>qemu -hda qemu_kfreebsd_i386.img</code><br />
<a href="http://www.hermann-uwe.de/node/1278"><img src="http://www.hermann-uwe.de/files/images/debian_gnu_kfreebsd2.preview.jpg" width="320" height="246" align="right" hspace="5" alt="Debian GNU/kFreeBSD screenshot 2" /></a>
</li>
<li>
Press enter at the FreeBSD boot manager prompt, then login as root (there's no password).
</li>
<li>
First things first: Set up a root password:<br />
<code>passwd</code>
</li>
<li>
Now let's fix networking, update the system and install a bunch of packages:<br />
<code>nano /etc/network/interfaces</code><br />
Yes, there's no vi, not even a symlink to nano! Uncomment the two "ed0" lines ("ed0" is the equivalent to "eth0" on Linux, I guess).<br />
<code>/etc/init.d/networking restart</code><br />
<code>apt-get update &amp;& apt-get dist-upgrade</code><br />
<code>apt-get install vim xorg icewm xterm</code>
</li>
<li>
You can fix your console keymap using the kbdcontrol package (just select your keymap from the menu):<br />
<code>apt-get install kbdcontrol</code>
</li>
<li>
Finally, let's fix X11 and start it. But first we create a new user, as we don't want to run X11 as root:<br />
<code>adduser uwe</code><br />
<code>vi /etc/X11/xorg.conf</code><br />
The mouse device is "/dev/psm0", the protocol "PS/2", and the graphics driver should be "vesa":</p>
<pre>
Section "InputDevice"
Option "Device" "/dev/psm0"
Option "Protocol" "PS/2"
[...]
Section "Device"
Driver "vesa"
</pre></li>
<li>
That's about it. Login as "uwe" (or whatever your username is) and start X11:<br />
<code>startx</code>
</li>
</ol>
<p>Wasn't all that hard, eh? Now, if you've got some spare time, head over to the <a href="http://wiki.debian.org/Debian_GNU/kFreeBSD">Debian GNU/kFreeBSD wiki page</a> and help improving this port ;-) You should probably start with reading the <a href="http://glibc-bsd.alioth.debian.org/porting/PORTING">PORTING</a> guide.</p>
<p>Both kfrebsd-i386 and kfreebsd-amd64 seem to be reasonably stable already (and more than 70% of the whole Debian archive builds fine on these architectures, see <a href="http://unstable.buildd.net/buildd/kfreebsd-i386_stats.html">kfreebsd-i386_stats</a> and <a href="http://unstable.buildd.net/buildd/kfreebsd-amd64_stats.html">kfreebsd-amd64_stats</a>). I'll quite likely install kfreebsd-amd64 on one of my boxes soonish and start using it, maybe I'll even find some time to fix/patch/port some packages...</p>
<p>[1] More elaborate answer(s) and reasons <a href="http://wiki.debian.org/Debian_GNU/kFreeBSD_why">are available in the Debian wiki</a>.</p>
http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-3-debian-gnu-kfreebsd#commentsamd64architecturedebianemulationfreebsdgnukernelportqemutestx86Fri, 27 Jul 2007 10:55:14 +0200Uwe Hermann1279 at http://www.hermann-uwe.deTesting stuff with QEMU - Part 1: SELinux support in Debian unstable [Update]http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-1-selinux-support-in-debian-unstable
<p><strong style="color: #ff0000">Update</strong>: "Testing stuff with QEMU"-articles published so far:</p>
<ul>
<li><a href="http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-3-debian-gnu-kfreebsd">Part 3: Debian GNU/kFreeBSD</a></li>
<li><a href="http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-2-menuetos-a-tiny-os-written-in-100-percent-assembly-language">Part 2: MenuetOS, a tiny OS written in 100% assembly language</a></li>
<li><a href="http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-1-selinux-support-in-debian-unstable">Part 1: SELinux support in Debian unstable</a></li>
</ul>
<p>Here's a quick HOWTO to get you started with the <a href="http://fabrice.bellard.free.fr/qemu/">QEMU</a> emulator, the <a href="http://www.us.debian.org/devel/debian-installer/">Debian installer</a> (etch beta 3), and <a href="http://en.wikipedia.org/wiki/SE_Linux">SELinux</a>. If you execute the following steps you'll be left with an SELinux-enabled Debian unstable QEMU image, but <em>not</em> with a complete working and perfectly configured SELinux system. A more detailed article about SELinux will probably follow...</p>
<p><strong>Basic Debian unstable install in QEMU</strong>:</p>
<ol>
<li>
Install QEMU:<br />
<code>apt-get install qemu</code>
</li>
<li>
Download the latest <a href="http://www.us.debian.org/devel/debian-installer/">Debian etch installer ISO image</a> (etch beta 3, currently):<br />
<code>wget http://cdimage.debian.org/cdimage/etch_di_beta3/i386/iso-cd/debian-testing-i386-binary-1.iso</code>
</li>
<li>
Create a QEMU image which will hold the Debian installation:<br />
<code>qemu-img create -f qcow /path/to/debian.img 5000M</code>
</li>
<li>
Boot directly from the ISO image and install Debian into the QEMU image (I won't go into the details of the installation itself; <a href="http://wolfgang.lonien.de">Wolfang Lonien</a> has nice HOWTOs for that: <a href="http://blog.thedebianuser.org/?p=27">part 1</a>, <a href="http://blog.thedebianuser.org/?p=79">part 2</a>, <a href="http://wolfgang.lonien.de/?p=196">video</a>):<br />
<code>qemu -hda /path/to/debian.img -boot d -cdrom debian-testing-i386-binary-1.iso</code>
</li>
<li>
After the installation is done, configure the system, tweak <code>/etc/apt/sources.list</code> if needed, and then dist-upgrade to the latest stuff:<br />
<code>apt-get update &amp;& apt-get dist-upgrade</code>
</li>
<li>
That's about it for the basic Debian install, you can now shutdown the OS and QEMU (type "<code>halt</code>" in the emulated Debian, wait for the shutdown to complete, press CTRL+ALT+2 to switch to the QEMU console, and type "<code>quit</code>").
</li>
</ol>
<p><strong>Creating a QEMU overlay image</strong>:</p>
<p>QEMU has a nice feature called <em>overlay images</em> which allows you to "clone" an image, where the new (overlay) image will only store the "diffs" to the original one, thus saving lots of space. This also allows you to remove the overlay image at any time and restart from the original image (which is nice for testing stuff which may break).</p>
<ol>
<li>
Create an overlay image based on the previously installed Debian image:<br />
<code>qemu-img create -b /path/to/debian.img -f qcow /path/to/debian_selinux_overlay.img</code>
</li>
<li>
Now boot into the new overlay image:<br />
<code>qemu -hda /path/to/debian_selinux_overlay.img</code>
</li>
</ol>
<p><strong>Basic SELinux setup</strong>:</p>
<p><a href="http://www.hermann-uwe.de/node/1081"><img src="http://www.hermann-uwe.de/files/images/selinux_sestatus.preview.jpg" width="320" height="186" align="right" hspace="5" alt="SELinux / sestatus screenshot" /></a></p>
<ol>
<li>
SELinux wants to label all the files on your system (all inodes actually), so your filesystem(s) need the so-called <a href="http://acl.bestbits.at/">extended attributes (xattr)</a> and "security labels" (both are kernel options) which most modern file systems now support. For ext3 (for example) you need these config options:<code><br />
CONFIG_EXT3_FS=y<br />
CONFIG_EXT3_FS_XATTR=y<br />
CONFIG_EXT3_FS_SECURITY=y<br />
</code> Luckily the Debian kernels are xattr-enabled by default so we don't have to do anything at all here.</p>
<li>
Install the basic SELinux packages and the source package of the SELinux reference policy:<br />
<code>apt-get install checkpolicy policycoreutils selinux-policy-refpolicy-src</code>
</li>
<li>
I noticed a bug in the current Debian packages (the <code>setfiles</code> utility is in the wrong place, see <a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384850">#384850</a>), but there's a simple workaround:<br />
<code>ln -s /sbin/setfiles /usr/sbin/setfiles</code>
</li>
<li>
Now we can (re-)label the file system:<br />
<code>cd /etc/selinux/refpolicy/src/policy</code><br />
<code>make relabel</code><br />
This will build the reference policy from source and relabel your file system (this will take a while).<br />
There might be some warnings (and maybe you'll notice further bugs), but they seem not to be critical.
</li>
<li>
We can now (almost) enable SELinux, but before we can reboot we need to work around another bug (<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384852">#384852</a>), otherwise SELinux will not be enabled when we reboot:<br />
<code>ln -s /etc/selinux/refpolicy/src /etc/selinux/targeted</code>
</li>
<li>
Now reboot the emulated Debian system, and at the <a href="http://en.wikipedia.org/wiki/GRUB">GRUB</a> console add the kernel option <code>selinux=1</code> to enable SELinux in the kernel (press "e" to edit the boot options).
</li>
<li>
You'll get tons of SELinux log messages while the system boots, that's normal at this point, don't worry.<br />
Then you can type "<code>sestatus</code>", which should print some information on the running SELinux system. If it says "SELinux status: disabled" something went wrong.
</li>
</ol>
<p>Congratulations! You now have a QEMU image with minimal SELinux support and you can start playing with it, tweaking the policy, finding and reporting bugs, reading tons of documentation on how SELinux actually works etc. etc.</p>
<p>As SELinux is (half?) a release-goal for Debian etch, it would be nice if many people could test it before the release, and this is one method to do so without breaking your production systems.</p>
<p><strong style="color: #ff0000">Update 2006-08-28:</strong> You don't really need <code>user_xattr</code> support for SELinux, only xattr support (for security.selinux xattrs) for the filesystem you use, which is available per default in Debian kernels (thanks <a href="http://www.coker.com.au/">Russell Coker</a>).</p>
http://www.hermann-uwe.de/blog/testing-stuff-with-qemu-part-1-selinux-support-in-debian-unstable#commentsbugsdebianetchinstallerlinuxnsaqemureleasesecurityselinuxtestunstableSun, 27 Aug 2006 15:23:56 +0200Uwe Hermann1080 at http://www.hermann-uwe.deAnother Memehttp://www.hermann-uwe.de/blog/another-meme
<p><a href="http://www.nerdtests.com/ft_cg.php?im"><img src="http://www.nerdtests.com/images/ft/cg.php?val=2840" alt="My computer geek score is greater than 98% of all people in the world! How do you compare? Click here to find out!" /></a></p>
http://www.hermann-uwe.de/blog/another-meme#commentscomputergeekmemenerdquiztestSat, 13 Aug 2005 01:26:13 +0200Uwe Hermann330 at http://www.hermann-uwe.deJust Ten Minutes Without a Testhttp://www.hermann-uwe.de/blog/just-ten-minutes-without-a-test
<p><a href="http://butunclebob.com/ArticleS.UncleBob.JustTenMinutesWithoutAtest">This</a> is what happens to you, if you try to perform too many code changes at once. It's usually better to perform small, incremental changes and run your <a href="http://en.wikipedia.org/wiki/Unit_test">unit tests</a> (hopefully many) after each of them to check if you messed up.</p>
<p>I don't want to even think about cases where you don't have any test cases <em>at all</em>. In such a case, debugging nightmares are preassigned.</p>
<p>I'm currently involved in multiple <a href="http://www.ruby-lang.org/en/">Ruby</a> projects where I make extensive use of unit testing. Ruby ships with a built-in, easy to use unit testing library called <a href="http://www.ruby-doc.org/core/classes/Test/Unit.html">Test::Unit</a>, so you really don't have any excuse for <em>not</em> unit testing your code.</p>
http://www.hermann-uwe.de/blog/just-ten-minutes-without-a-test#commentscodeprogrammingrubytestunit testingSun, 10 Jul 2005 01:35:22 +0200Uwe Hermann294 at http://www.hermann-uwe.de